If one of your server is getting UDP flooded 'occasionally' you might want to check and make sure that the server has not been compromised.

"Script kiddies" throughout the world are scanning for vulnerable ssh accounts, PHP exploits, and lame duck IIS installs. If you're lucky the 'kiddies' just set up an IRC client/bouncer on your server and use it to swap 'warez' and taunt other "script kiddies". Eventually someone gets annoyed and they launch a DoS attack against your server.